Email Security

305 views
248 views

Published on

0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
305
On SlideShare
0
From Embeds
0
Number of Embeds
2
Actions
Shares
0
Downloads
2
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Email Security

  1. 1. Email Security Laleh Tashakori
  2. 2. > > > < .> > > > > >> Web Base > > >> >> > >. > : @> > @ > >. > >
  3. 3. An overview ofInternet E-mail
  4. 4. .> > @ > . (MIT @ >) (CU @ >) > .> CUHK :1 • . > >@ @ CUHK :2 •> MIT > > :3 • .
  5. 5. > > @ @ > : > @ SMTP • > @ POP • > IMAP •
  6. 6. Secrecy
  7. 7. > > @ > >> > > > > > > : > >> . . > > ▫ .> > >> > > ▫
  8. 8. Integrity
  9. 9. > .> > > @ > >>. > . > > @ > @ > > > . >> . > @ > > > > . >
  10. 10. Solutions for SecurityProblems in Internet E- E-mail Provided by ITSC
  11. 11. Outlook @ @ :POP IMAP @ > Netscap Express . > > >@ @@ >> .> Mail Server . > @
  12. 12. @ @ . > IMAP/POP Support Secure Support Secure IMAP? POP? Netscape 6 or above Yes NoOutlook Express 5.0 or above Yes Yes Netscape 4.7 No No Eudora 5.1 No No
  13. 13. IMAP/POP > @ Outlook Express 5.x •Tools @ > > Outlook Express ▫ . Accounts
  14. 14. > > Mail ▫ . Properties
  15. 15. . POP IMAP @ ▫@ POP IMAP @ @ @ . . @
  16. 16. : •@ @@ @ @ . : Netscape Messenger 4.5 ▫ Microsoft Outlook Express 4.0 ▫
  17. 17. Digital Certificates and keys
  18. 18. @ @ @ . @ @ . Spammer : SMIME @ PGP SMIME @ Hotmail @ . . @ @ @
  19. 19. @ . . @ • @ . . @ @ . .
  20. 20. .@ . @ : . . ( ) @ . @ 32 @ @ . .
  21. 21. @ @ . “ @ “ @ @ . @ Certificate . . Authorities Mozilla Netscape Messenger @ SMIME Eudora. Outlook Express Thunderbird . PGP SMIME
  22. 22. Weaknesses of digital keys
  23. 23. . • •. • . @ • .
  24. 24. . • @ • . . @ • Spam
  25. 25. PGP
  26. 26. @ SMIME @ @ PGP. Eudora Internet Explorer PGP . Netscape @ . Outlook Eudora Netscape PGP PGPI . Thunderbird Mozilla @ PGP.
  27. 27. Mobile email security
  28. 28. . @ . . @
  29. 29. Mail.app @ Account . SMTP POP IMAP @ @@ @ . . . SSL/TLS @ .
  30. 30. @ Safari Web Server Mail Server @ AES 128-bit .Internet Explorer AES 256-bit @ . Win XP . 128 @
  31. 31. @ : @ . Spam @ @ SMIME @ PGP @ @ @
  32. 32. Encryption
  33. 33. Digital Signature Public Key Private Key Public Key PKI Private Keycan be distributed Public Key Infrustracture should be secret
  34. 34. Encryption@ @ (Encrypted)
  35. 35. Certification
  36. 36. None Secure Model ReceivingBob John : . - . @ - Hacker
  37. 37. Secure ModelBob John . . ” “- . - . - ” “@ @ - . - ( )” “ . . - Hacker . ( )” “
  38. 38. Signed by His Private KeyA Encrypted by B,C,D,F Public Key B C D E F . @
  39. 39. Server
  40. 40. ISP RouterClient DNS server Yahoo mail server Yahoo login page
  41. 41. ISP RouterClient DNS server Yahoo mail server Yahoo fake server Yahoo fake login page
  42. 42. None Secure Model Data Exchanging Client Serverhttp session pocket User name : -- Password : --- Catch user User name : administrator Sniffer Confidential Information Password : =44gtfDs43 Can affect Changing Password- information Using the account Resources-
  43. 43. Secure Model Data Exchanging Clienthttps session pocket Server Can not read data because he doesn’t have the server’s Sniffer private key .
  44. 44. . @
  45. 45. @
  46. 46. @

×